5 matches found
Security update for uftpd (important)
openSUSE Security Update: Security update for uftpd Announcement ID: openSUSE-SU-2020:0069-1 Rating: important References: 1160199 Cross-References: CVE-2020-5204 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for uftpd to...
CVE-2020-5204
In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...
CVE-2020-5204
In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...
CVE-2020-5204 Buffer overflow vulnerability in uftpd
In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...
CVE-2020-5204
CVE-2020-5204 affects uftpd prior to 2.11. A buffer overflow exists in FTP PORT parsing (ftpcmd.c handle_PORT) where a 16-byte buffer can overflow when filling input with a format string like %d.%d.%d.%d using user input. The root cause is sprintf-based population of the IPv4-like string exceedin...